Activecampaign » Triolive » 1.25 : Security Vulnerabilities, CVEs,
Cross-site scripting (XSS) vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to inject arbitrary web script or HTML via the department_id parameter to index.php.
Max CVSS
4.3
EPSS Score
0.25%
Published
2008-11-13
Updated
2017-08-08
SQL injection vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to execute arbitrary SQL commands via the department_id parameter to index.php.
Max CVSS
7.5
EPSS Score
0.38%
Published
2008-11-13
Updated
2017-08-08
2 vulnerabilities found